| The technologies on information and network advances rapidly nowadays, provides the conditions which schools vigorously promote the education informational, and makes the infrastructure of information technology education begun to take shape in China. With the development of informational education, building and using School Area Network has grown popularity. However, as the cornerstone of the school informational education, the security situation of school website is not optimistic. This security of school website which maintaining the normal education and management was concerned by the educational administration and school administrators.First of all, this paper summarizes some websites attacking ways and websites scanning tools. It concludes five common school websites attacking ways, including XSS, SQL Injection, DoS, the buffer overflow attacks, and Social engineering, and analyses their invasion methods, characteristics and consequences. And brief introduces three major website vulnerability scanning tools to provide a reference for the school website administrators.On the basis of understanding the relevant theories, this paper conducted case studies of the websites of Zhangjiang Experimental High School to East China Normal University and Jiangzheng Central Primary School. In this paper, the school websites security analysis is mainly from two aspects. In the one hand, using Acunetix WVS to scan the websites, analysis the vulnerability scanning reports, conclude the direct security problems in the two school websites. In the other hand, because human factors, such as the website administrator surfing habits, can indirectly influence the school website security, this paper, by compiling school website security questionnaire for school website administrator, carries on the questionnaire and interview survey manners to investigate the basic situation of the school website, the current safety situation, and the webmasters network habits. Meanwhile, use interviews survey to schools relevant personnel to get the schools authorities' opinions and suggestions on the school websites security. Then, summarize the indirect influence reasons of school website security. Lastly, through the two schools case studies, this paper provides the principles of the websites security, and proposes strategies about constructing safety school websites, which from three aspects:security protection measures, management mechanism and personnel. Because this paper only had two schools research data, the scope of the study is less, the results of this study has some limitations. Hope in the future studies, can improve the deficiencies, expand the research scope and promote regional school websites safety construction. |
PDF Full Text Request